CN108449186B - Security verification method and device - Google Patents
Security verification method and device Download PDFInfo
- Publication number
- CN108449186B CN108449186B CN201810593528.2A CN201810593528A CN108449186B CN 108449186 B CN108449186 B CN 108449186B CN 201810593528 A CN201810593528 A CN 201810593528A CN 108449186 B CN108449186 B CN 108449186B
- Authority
- CN
- China
- Prior art keywords
- dynamic password
- user
- information
- verification
- security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Finance (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Telephonic Communication Services (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The embodiment of the application discloses a security verification method and device. One embodiment of the method comprises: receiving a security verification request, wherein the security verification request comprises a user identifier and a category identifier of a sender of the security verification request; forwarding the security verification request to a connected wind control end so that the wind control end determines whether to perform information verification on the user indicated by the user identifier based on the class identifier; and responding to the received prompt information which is returned by the wind control end and used for indicating information verification, performing information verification on the user based on the prompt information, generating an information verification result, and obtaining a safety verification result based on the information verification result. The implementation mode realizes the safety verification of the user, and avoids the interaction between a sender of a safety verification request and the wind control end, thereby ensuring that the responsibility of the sender becomes single.
Description
Technical Field
The embodiment of the application relates to the technical field of computers, in particular to a security verification method and device.
Background
Currently, security verification can be applied to different systems, such as shopping-type systems, credit-type systems, financial-type systems, etc. These systems typically invoke a wind control engine to determine whether to trigger an information check on the user. Moreover, information checking logic, validation, etc. are typically performed by these systems as required. Existing security verification methods are often subject to extensive re-development and inconvenient maintenance.
Disclosure of Invention
The embodiment of the application provides a security verification method and device.
In a first aspect, an embodiment of the present application provides a security verification method, where the method includes: receiving a security verification request, wherein the security verification request comprises a user identifier and a category identifier of a sender of the security verification request; forwarding the security verification request to a connected wind control end so that the wind control end determines whether to perform information verification on the user indicated by the user identifier based on the class identifier; and responding to the received prompt information which is returned by the wind control end and used for indicating information verification, performing information verification on the user based on the prompt information, generating an information verification result, and obtaining a safety verification result based on the information verification result.
In some embodiments, the information check includes dynamic password authentication, and the hint information is information for instructing dynamic password authentication to be performed; and performing information verification on the user based on the prompt information, including: the following verification operations are performed: generating a dynamic password, and sending the generated dynamic password to a user side of a user; receiving a dynamic password sent by a user side; determining whether a dynamic password sent by a user side meets a preset condition, and if so, determining that the user passes dynamic password authentication; if the dynamic password sent by the user side does not meet the preset condition, performing incremental operation on the verification failure times of the dynamic password, determining whether the verification failure times of the current dynamic password is smaller than the preset value, and if so, continuing to perform the verification operation.
In some embodiments, the information verification of the user based on the prompt information further includes: and determining that the user fails the dynamic password authentication in response to determining that the dynamic password sent by the user side does not meet the preset condition or that the current dynamic password authentication failure times are not less than the preset value.
In some embodiments, after responding to the receiving of the prompt message returned by the wind control terminal for instructing information verification, the method further includes: setting corresponding identification information for the security verification request; and after sending the generated dynamic password to the user side of the user, the method further comprises: setting a corresponding dynamic password identification for the generated dynamic password, forming an information pair by the dynamic password and the dynamic password identification, and correspondingly storing the information pair and the identification information.
In some embodiments, the preset conditions include: the password is consistent with the dynamic password which is sent to the user terminal last time; and determining whether the dynamic password sent by the user side meets a preset condition, wherein the step comprises the following steps: and determining whether the dynamic password sent by the user side is consistent with the dynamic password in the information pair corresponding to the latest stored identification information, and if so, determining that the dynamic password sent by the user side meets the preset condition.
In some embodiments, sending the generated dynamic password to the user side of the user includes: and sending the generated dynamic password to the user side through the short message channel.
In some embodiments, before performing the verification operation for the first time, the method further comprises: and sending the address of the dynamic password verification page to the user side so that the user side jumps to the dynamic password verification page based on the address, and the user sends the dynamic password through the dynamic password verification page.
In some embodiments, obtaining the security verification result based on the information verification result includes: and if the information verification result is used for indicating that the user does not pass the information verification, generating a security verification result for indicating that the user does not pass the security verification.
In some embodiments, obtaining the security verification result based on the information verification result further includes: if the information verification result is used for indicating that the user passes the information verification, the information verification result is sent to the wind control end, so that the wind control end further determines whether the user passes the safety verification based on the category identification; and receiving a safety verification result returned by the wind control end.
In some embodiments, after forwarding the security verification request to the connected wind control terminal, the method further includes: and receiving a safety verification result returned by the wind control end after the wind control end determines not to verify the information of the user and determines whether the user passes the safety verification based on the class identification.
In some embodiments, the above method further comprises: and returning the security verification result to the sender.
In a second aspect, an embodiment of the present application provides a security verification apparatus, including: a receiving unit configured to receive a security authentication request, wherein the security authentication request includes a user identifier and a category identifier of a sender of the security authentication request; the forwarding unit is configured to forward the security verification request to the connected wind control terminal so that the wind control terminal determines whether to perform information verification on the user indicated by the user identification based on the class identification; the processing unit is configured to respond to the fact that prompt information which is returned by the wind control end and used for indicating information verification is received, conduct information verification on the user based on the prompt information, generate an information verification result, and obtain a safety verification result based on the information verification result.
In some embodiments, the information check includes dynamic password authentication, and the hint information is information for instructing dynamic password authentication to be performed; and the processing unit includes: a first execution subunit configured to perform the following validation operations: generating a dynamic password, and sending the generated dynamic password to a user side of a user; receiving a dynamic password sent by a user side; determining whether a dynamic password sent by a user side meets a preset condition, and if so, determining that the user passes dynamic password authentication; and the second execution subunit is configured to perform incremental operation on the verification failure times of the dynamic password if the dynamic password sent by the user side does not meet the preset condition, determine whether the verification failure times of the current dynamic password is smaller than a preset value, and continue to perform the verification operation if the verification failure times of the current dynamic password is smaller than the preset value.
In some embodiments, the processing unit further comprises: and the determining subunit is configured to determine that the user fails the dynamic password authentication in response to determining that the dynamic password sent by the user terminal does not meet the preset condition or that the current dynamic password authentication failure times are not less than a preset value.
In some embodiments, the above apparatus further comprises: a first setting unit configured to set corresponding identification information for the security authentication request; and a storage unit configured to set a corresponding dynamic password identification for the generated dynamic password, to constitute an information pair with the dynamic password identification, and to store the information pair and the identification information in correspondence.
In some embodiments, the preset conditions include: the password is consistent with the dynamic password which is sent to the user terminal last time; and the first execution subunit is further configured to: and determining whether the dynamic password sent by the user side is consistent with the dynamic password in the information pair corresponding to the latest stored identification information, and if so, determining that the dynamic password sent by the user side meets the preset condition.
In some embodiments, the first execution subunit is further configured to: and sending the generated dynamic password to the user side through the short message channel.
In some embodiments, the above apparatus further comprises: and the first sending unit is configured to send the address of the dynamic password authentication page to the user terminal so that the user terminal jumps to the dynamic password authentication page based on the address, and the user sends the dynamic password through the dynamic password authentication page.
In some embodiments, the processing unit further comprises: and the generating subunit is configured to generate a security verification result for indicating that the user fails the security verification if the information verification result is used for indicating that the user fails the information verification.
In some embodiments, the processing unit further comprises: the sending subunit is configured to send the information verification result to the wind control end if the information verification result is used for indicating that the user passes the information verification, so that the wind control end further determines whether the user passes the safety verification based on the category identification; and receiving a safety verification result returned by the wind control end.
In some embodiments, the above apparatus further comprises: and the first receiving unit is configured to receive a safety verification result returned by the wind control terminal after determining that the information of the user is not verified and determining whether the user passes the safety verification based on the class identification.
In some embodiments, the above apparatus further comprises: and a second sending unit configured to return the security authentication result to the sender.
In a third aspect, an embodiment of the present application provides an electronic device, including: one or more processors; a storage device having one or more programs stored thereon; when executed by the one or more processors, cause the one or more processors to implement a method as described in any implementation of the first aspect.
In a fourth aspect, the present application provides a computer-readable medium, on which a computer program is stored, which when executed by a processor implements the method described in any implementation manner of the first aspect.
According to the safety verification method and the safety verification device provided by the embodiment of the application, the safety verification request comprising the category identification and the user identification is received, and then the safety verification request is forwarded to the connected wind control terminal, so that the wind control terminal determines whether to perform information verification on the user indicated by the user identification based on the category identification. And then responding to the received prompt information which is returned by the wind control end and used for indicating information verification, performing information verification on the user, and generating an information verification result so as to obtain a safety verification result based on the information verification result. The method and the system realize the safety verification of the user, and avoid the interaction between a sender of a safety verification request and a wind control terminal, thereby ensuring that the responsibility of the sender becomes single.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
FIG. 1 is an exemplary system architecture diagram in which one embodiment of the present application may be applied;
FIG. 2 is a flow diagram for one embodiment of a security authentication method according to the present application;
FIG. 3 is a schematic diagram of an application scenario of a security authentication method according to the present application;
FIG. 4 is a flow diagram of yet another embodiment of a security authentication method according to the present application;
FIG. 5 is a schematic block diagram of one embodiment of a security authentication device according to the present application;
FIG. 6 is a schematic block diagram of a computer system suitable for use in implementing an electronic device according to embodiments of the present application.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings.
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
Fig. 1 illustrates an exemplary system architecture 100 to which embodiments of the security authentication method or security authentication apparatus of the present application may be applied.
As shown in fig. 1, the system architecture 100 may include a request side 101, a management side 103, a wind control side 105, and networks 102, 104. The network 102 serves as a medium for providing a communication link between the requesting side 101 and the managing side 103. The network 104 is used to provide a medium for a communication link between the management terminal 103 and the wind control terminal 105. The networks 102, 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
The requesting side 101 may interact with the managing side 103 via the network 102 to receive or transmit information or the like. The request end 101 may be a terminal device or a server. When the requesting end 101 is a terminal device, various communication client applications, such as a web browser application, a shopping application, a financing application, a credit application, a payment application, etc., may be installed on the requesting end 101. The terminal device may be hardware or software. When the terminal device is hardware, it may be various electronic devices with a display screen, including but not limited to smart phones, tablet computers, e-book readers, laptop portable computers, desktop computers, and the like. When the terminal device is software, the terminal device can be installed in the electronic devices listed above. It may be implemented as multiple pieces of software or software modules (e.g., to provide distributed services) or as a single piece of software or software module. And is not particularly limited herein.
The management terminal 103 may be a management server providing various services, and the management server may process the security authentication request sent by the requesting terminal 101, for example, to obtain a processing result (e.g., a security authentication result).
The wind control terminal 105 may be a wind control server providing various services, and for example, the wind control server may receive the security verification request forwarded by the management terminal 103, perform processing such as analysis on the security verification request, and return a processing result (for example, prompt information for instructing information verification) to the management terminal 103.
The management terminal 103 and the wind control terminal 105 may be the same server or different servers.
The request terminal 101, the management terminal 103, and the wind control terminal 105, which are servers, may be hardware or software. When the request terminal 101, the management terminal 103, and the wind control terminal 105 are hardware, they may be implemented as a distributed server cluster formed by multiple servers, or may be implemented as a single server. When the requesting terminal 101, the managing terminal 103 and the wind control terminal 105 are software, they may be implemented as a plurality of software or software modules (for example, to provide distributed services), or may be implemented as a single software or software module. And is not particularly limited herein.
It should be noted that the security verification method provided by the embodiment of the present application is generally executed by the management terminal 103. Accordingly, the security authentication means is generally provided in the management terminal 103.
It should be understood that the number of requesting, network, management, and wind control endpoints in fig. 1 is merely illustrative. There may be any number of request, network, management and wind control terminals, as desired for the implementation.
With continued reference to FIG. 2, a flow 200 of one embodiment of a security verification method according to the present application is shown. The process 200 of the security verification method includes the following steps:
In this embodiment, the execution subject of the security authentication method (e.g., the management terminal 103 shown in fig. 1) may receive the security authentication request through a wired connection manner or a wireless connection manner. The security authentication request may include, among other things, a user identification and a category identification of a sender of the security authentication request (e.g., the requesting end 101 shown in fig. 1).
It should be noted that the security authentication request may be a security authentication request sent by the sender to the execution main body in response to receiving a request (e.g., a payment request, a credit request, etc.) from a user. As an example, assuming that the sender is a terminal device or a server for providing a payment capability, the category of the sender may be, for example, a payment category, and the category identifier of the sender may be, for example, a name or a number of the payment category.
In this embodiment, after receiving the security authentication request, the execution main body may forward the security authentication request to a connected wind control terminal (e.g., the wind control terminal 105 shown in fig. 1), so that the wind control terminal determines whether to perform information verification on the user indicated by the user identifier based on the category identifier. Wherein, the information check may include at least one of the following: dynamic password authentication, payment password authentication, fingerprint authentication, and the like. The dynamic password can be an unpredictable random number combination generated according to a special algorithm, each dynamic password can be generally used only once, and is widely applied to the application fields of online banking, online games, telecom operators, electronic commerce, enterprises and the like at present.
Note that, for example, the verification tag corresponding to the category identifier may be stored locally in advance at the wind control end. The verification tag may be used to indicate whether to add information verification to the target user. The target user may be the user indicated by the user identifier in the security authentication request from the sender under the category indicated by the category identifier. In addition, the tag value of the above-mentioned verification tag may include a first value indicating that information verification for the target user is added, and a second value indicating that information verification for the target user is not added. After receiving the security verification request forwarded by the execution main body, the wind control end may first check whether a current tag value of the verification tag corresponding to the category identifier in the security verification request is a first value, and if the current tag value is the first value, the wind control end may determine to perform information verification on the user indicated by the user identifier in the security verification request, and at this time, the wind control end may send prompt information for instructing to perform information verification to the execution main body. If the current tag value of the verification tag is not the first value, the wind control end may determine not to perform information verification on the user indicated by the user identifier.
In this embodiment, the execution main body may perform information verification on the user in response to receiving prompt information for instructing to perform information verification, which is returned by the wind control end, and generate an information verification result. Moreover, the execution main body can also obtain a safety verification result based on the information verification result.
As an example, for the user indicated by the user identifier in the security authentication request received in step 201, assuming that the information verification includes payment password authentication, the execution subject may present prompt information for instructing to input a payment password to the user terminal of the user. The execution main body can respond to the received payment password returned by the user terminal and compare the payment password pre-associated with the user identifier with the payment password returned by the user terminal. If the two payment passwords are identical, the execution main body can determine that the user passes the payment password authentication, at this time, the execution main body can generate an information verification result for indicating that the user passes the payment password authentication, and can generate a security authentication result for indicating that the user passes the security authentication based on the information verification result. If the two payment passwords are not consistent, the execution main body can determine that the user fails to pass the payment password authentication, at this time, the execution main body can generate an information verification result for indicating that the user fails to pass the payment password authentication, and further can generate a security authentication result for indicating that the user fails to pass the security authentication based on the information verification result.
It should be noted that, by executing the security authentication method through the execution main body, the dependency of the sender of the security authentication request on the external system can be effectively reduced. For example, the sender only needs to rely on the execution main body, but does not need to rely on the wind control end, and the responsibility of the sender can be single. In addition, the execution main body is used for executing the safety verification method, so that the dependence of the wind control end on an external system can be reduced. For example, dependence of the wind control end on a dynamic password authentication server, a payment password authentication server, a fingerprint authentication server and the like can be avoided, the wind control end only needs to rely on the execution main body, and network interaction can be reduced. In addition, the execution main body is used for executing the safety verification method, so that the problems of redundant requests and the like can be effectively avoided.
In some optional implementations of this embodiment, if the information check includes dynamic password verification, the prompt information for instructing to perform the information check may be prompt information for instructing to perform the dynamic password verification. If the execution main body receives the prompt message from the wind control end, the execution main body may perform the following verification operations: generating a dynamic password, and sending the generated dynamic password to the user side; receiving the dynamic password sent by the user side; and determining whether the dynamic password sent by the user side meets a preset condition, and if so, determining that the user to which the user side belongs passes dynamic password authentication. If the dynamic password sent by the user side does not meet the preset condition, the execution main body can perform incremental operation on the verification failure times of the dynamic password to determine whether the verification failure times of the current dynamic password are smaller than a preset value, and if so, the execution main body can continue to execute the verification operation. If the dynamic password sent by the user side does not meet the preset condition or the current dynamic password authentication failure times are not smaller than the preset value, the execution main body can determine that the user to which the user side belongs does not pass the dynamic password authentication.
The preset conditions may include, for example: and the dynamic password is consistent with the dynamic password which is sent to the user terminal last time. Optionally, the preset condition may include that the preset condition is consistent with a dynamic password last sent to the user side, and at the same time, the preset condition may further include: the transmission time is within a preset time period. The preset time period may be a time period in which the sending time of the dynamic password sent to the user terminal last time is the starting time and the duration is a preset duration (e.g., 60 seconds). In addition, the above-mentioned number of times of failure of authentication of the dynamic password corresponds to the security authentication request received in step 201. The initial value of the number of times of failure of authentication of the dynamic password may be 0.
In some optional implementation manners of this embodiment, the execution subject may send the generated dynamic password to the user side through a short message channel. In addition, after receiving the prompt message instructing to perform information verification, the execution main body may set corresponding identification information for the received security verification request. In practice, different class identifications may correspond to different first serial number generation algorithms. The execution subject may generate a serial number by using a first serial number generation algorithm corresponding to the category identifier in the security authentication request, and set the serial number as the identifier information of the security authentication request.
In addition, after the execution main body sends the generated dynamic password to the user side, the execution main body may also set a corresponding dynamic password identifier for the dynamic password. The execution body may combine the dynamic password and the dynamic password identifier into an information pair, and store the information pair and the identifier information in a corresponding manner. For example, the information pair and the identification information are stored in association with each other in a data storage server local to the execution agent or connected to the execution agent. In practice, different category identifications may also correspond to different second serial number generation algorithms. The executing body may generate a serial number by using a second serial number generation algorithm corresponding to the category identifier in the received security authentication request, and set the serial number as the dynamic password identifier of the dynamic password.
In some optional implementation manners of this embodiment, after the execution main unit verifies the dynamic password received from the user side each time, a corresponding verification record may be generated and stored. Wherein the verification record may include, but is not limited to: the dynamic password, the above-mentioned identification information, a pair of target information corresponding to the above-mentioned identification information, a verification result, and the like. Wherein the target information pair may be an information pair including a dynamic password to which the dynamic password is compared. The verification result may include, for example, a verification success or a verification failure.
In some optional implementation manners of this embodiment, if the preset condition includes that the dynamic password is consistent with the dynamic password that is sent to the user terminal last time, the execution main body may determine whether the dynamic password sent by the user terminal is consistent with a dynamic password in an information pair corresponding to the identification information that is stored last time. If the two passwords are consistent, the execution main body can determine that the dynamic password sent by the user side meets the preset condition.
In some optional implementation manners of this embodiment, before the performing main body performs the verifying operation for the first time, the performing main body may send an address of a dynamic password verifying page to the user side, so that the user side jumps to the dynamic password verifying page based on the address, and the user sends the dynamic password through the dynamic password verifying page. It should be noted that the dynamic password authentication page may be a page based on HTML (HyperText Markup Language) 5 standard. In practice, for security authentication requests from different classes of senders, the executing agent may send the address of the same dynamic password authentication page to the user side of the user indicated by the user identifier in the security authentication request. And the execution main body can send the dynamic password to the user side through a unified short message channel. Therefore, by adopting the uniform dynamic password verification page and the uniform short message channel, repeated development can be effectively avoided, and the maintenance is convenient.
In some optional implementations of this embodiment, the execution subject may return the security authentication result to the sender of the security authentication request.
With continued reference to fig. 3, fig. 3 is a schematic diagram of an application scenario of the security authentication method according to the present embodiment. In the application scenario of fig. 3, a shopping class application may be installed on a terminal device 301 of a user, and the terminal device 301 may be communicatively connected to a payment class server 302 providing support for the shopping class application. The user can use the shopping application on the terminal device 301 to shop, and when paying, the user can send a payment request to the payment server 302 by executing a preset payment operation, wherein the payment request can comprise the user identification of the user. The payment class server 302 may then send a security verification request to the connected administration server 303 in response to receiving the payment request, wherein the security verification request may include the user identification and the class identification of the payment class server 302. The management server 303 may then forward the security authentication request to the connected wind control server 304 in response to receiving the security authentication request. Then, in response to receiving the security verification request, the wind control server 304 may determine whether to perform information verification on the user based on the category identifier, and return prompt information indicating that information verification is performed to the management server 303 after determining that information verification is performed on the user. Then, the management server 303 may perform information verification on the user in response to receiving the prompt information, and generate an information verification result, for example, an information verification result indicating that the user passes the information verification. Finally, the management server 303 may generate a security verification result indicating that the user passes the security verification in response to the information verification result being an information verification result indicating that the user passes the information verification. In addition, the management server 303 may also return the security verification result to the payment class server 302. In this way, the payment class server 302 can return the payment result to the terminal device 301 based on the received security verification result.
In the method provided by the above embodiment of the application, the security verification request including the category identifier and the user identifier is received, and then the security verification request is forwarded to the connected wind control terminal, so that the wind control terminal determines whether to perform information verification on the user indicated by the user identifier based on the category identifier. And then responding to the received prompt information which is returned by the wind control end and used for indicating information verification, performing information verification on the user, and generating an information verification result so as to obtain a safety verification result based on the information verification result. The method and the system realize the safety verification of the user, and avoid the interaction between a sender of a safety verification request and a wind control terminal, thereby ensuring that the responsibility of the sender becomes single.
With further reference to fig. 4, a flow 400 of yet another embodiment of a security authentication method is shown. The process 400 of the security verification method includes the following steps:
In this embodiment, the execution subject of the security authentication method (e.g., the management terminal 103 shown in fig. 1) may receive the security authentication request through a wired connection manner or a wireless connection manner. The security authentication request may include, among other things, a user identification and a category identification of a sender of the security authentication request (e.g., the requesting end 101 shown in fig. 1).
And step 402, forwarding the security verification request to the connected wind control terminal.
In this embodiment, after receiving the security authentication request, the execution main body may forward the security authentication request to a connected wind control terminal (e.g., the wind control terminal 105 shown in fig. 1). The wind control end may determine whether to perform information verification on the user indicated by the user identifier based on the category identifier, and the corresponding determination method may refer to the relevant description in the embodiment shown in fig. 2, which is not described herein again. It should be noted that the information verification may include dynamic password verification. The dynamic password can be an unpredictable random number combination generated according to a special algorithm, each dynamic password can be generally used only once, and is widely applied to the application fields of online banking, online games, telecom operators, electronic commerce, enterprises and the like at present.
In addition, when the wind control end determines not to perform information verification on the user, whether the user passes the security verification or not can be further determined based on the category identification. It should be noted that, the wind control end may locally store, in advance, security verification indication information corresponding to the category identifier, where the security verification indication information may be used to indicate how the wind control end determines whether the user passes the security verification.
As an example, the security authentication request may further include an IP (Internet Protocol) address of the user. The security verification indication information may include: if the IP address in the security verification request is consistent with the pre-stored IP address of the user, determining that the user passes the security verification; otherwise, the user is determined not to pass the security authentication.
For another example, the security authentication request may further include a face image of the user. The security verification indication information may include: if the face image in the security verification request is matched with the pre-stored face image of the user, determining that the user passes the security verification; otherwise, the user is determined not to pass the security authentication.
It should be noted that the content of the security verification indication information may be adjusted according to actual needs, and this embodiment does not limit this aspect at all.
In practice, if the wind control end determines to perform information verification on the user, for example, determines to perform dynamic password authentication on the user, the wind control end may return prompt information for instructing to perform dynamic password authentication to the execution main body, and at this time, the execution main body may execute step 403. In addition, after determining not to perform information on the user and determining whether the user passes the security authentication based on the category identifier, the wind control end may return a corresponding security authentication result to the execution main body, and at this time, the execution main body may execute step 405.
And 403, in response to receiving prompt information which is returned by the wind control end and used for indicating dynamic password authentication, performing dynamic password authentication on the user, and generating an information verification result for indicating whether the user passes the dynamic password authentication.
In this embodiment, the execution main body may perform dynamic password authentication on the user in response to receiving prompt information for instructing dynamic password authentication returned by the wind control end, and generate an information verification result for instructing whether the user passes the dynamic password authentication. It should be noted that, for the dynamic password authentication method, reference may be made to the related description in the embodiment shown in fig. 2, and details are not repeated here.
It should be noted that, if the execution main body determines that the user passes the dynamic password authentication, the information verification result generated by the execution main body may be used to indicate that the user passes the dynamic password authentication, and at this time, the execution main body may execute step 404. If the executing entity determines that the user fails the dynamic password authentication, the information verification result generated by the executing entity may be used to indicate that the user fails the dynamic password authentication, and then the executing entity may execute step 406.
And step 404, responding to the information verification result for indicating that the user passes the dynamic password verification, and sending the information verification result to the wind control end.
In this embodiment, in response to that the information verification result indicates that the user passes the dynamic password authentication, the execution main body may send the information verification result to the wind control end, so that the wind control end further determines whether the user passes the security authentication based on the category identifier.
It should be noted that, the wind control end may not only determine whether the user passes the security verification based on the category identifier automatically after determining that the information of the user is not verified. And the wind control end can also determine whether the user passes the safety verification or not based on the category identification after receiving the information verification result sent by the execution main body.
And step 405, receiving a safety verification result returned by the wind control end.
In this embodiment, when the wind control end determines not to perform information verification on the user, after the execution main body completes step 402, the execution main body may receive a security verification result returned by the wind control end. In addition, after the execution of step 404, the execution main body may also receive a security verification result returned by the wind control end.
And step 406, in response to the information verification result indicating that the user fails the dynamic password authentication, generating a security authentication result indicating that the user fails the security authentication.
In this embodiment, if the information verification result generated by the execution main body indicates that the user fails the dynamic password authentication, the execution main body may determine that the user fails the security authentication, and at this time, the execution main body may generate a security authentication result indicating that the user fails the security authentication.
In this embodiment, after the execution of step 405 or step 406, the execution main body may return the security authentication result to the sender of the security authentication request.
As can be seen from fig. 4, compared with the embodiment corresponding to fig. 2, the process 400 of the security verification method in this embodiment highlights steps of receiving a security verification result returned by the wind control end after determining that the wind control end does not perform information verification on the user and determining whether the user passes the security verification based on the category identifier after forwarding the security verification request to the wind control end; and after generating an information verification result for indicating that the user passes the dynamic password verification, sending the information verification result to the wind control end, and then receiving a safety verification result returned by the wind control end. Therefore, the scheme described in the embodiment can realize the diversity of the acquisition modes of the security verification result and can improve the validity of the security verification result.
With further reference to fig. 5, as an implementation of the method shown in the above figures, the present application provides an embodiment of a security verification apparatus, which corresponds to the embodiment of the method shown in fig. 2, and which can be applied to various electronic devices.
As shown in fig. 5, the security authentication apparatus 500 of the present embodiment includes: the receiving unit 501 may be configured to receive a security authentication request, where the security authentication request may include a user identification and a category identification of a sender of the security authentication request; the forwarding unit 502 may be configured to forward the security verification request to the connected wind control terminal, so that the wind control terminal determines whether to perform information verification on the user indicated by the user identifier based on the class identifier; the processing unit 503 is configured to, in response to receiving prompt information for instructing information verification returned by the wind control terminal, perform information verification on the user based on the prompt information, generate an information verification result, and obtain a security verification result based on the information verification result.
In the present embodiment, in the security authentication apparatus 500: the specific processing of the receiving unit 501, the forwarding unit 502, and the processing unit 503 and the technical effects thereof can refer to the related descriptions of step 201, step 202, and step 203 in the corresponding embodiment of fig. 2, which are not described herein again.
In some optional implementations of this embodiment, the information verification may include dynamic password authentication, and the prompt information may be information for instructing to perform dynamic password authentication; and the processing unit 503 may include: a first execution subunit (not shown in the figures) configured to perform the following verification operations: generating a dynamic password, and sending the generated dynamic password to a user side of a user; receiving a dynamic password sent by a user side; determining whether a dynamic password sent by a user side meets a preset condition, and if so, determining that the user passes dynamic password authentication; and a second execution subunit (not shown in the figure), configured to, if the dynamic password sent by the user side does not meet the preset condition, perform an incremental operation on the verification failure times of the dynamic password, determine whether the current verification failure times of the dynamic password is smaller than a preset value, and if so, continue to perform the verification operation.
In some optional implementations of this embodiment, the processing unit 503 may further include: and a determining subunit (not shown in the figure) configured to determine that the user fails the dynamic password authentication in response to determining that the dynamic password sent by the user terminal does not satisfy the preset condition or that the current number of times of failure of the dynamic password authentication is not less than the preset value.
In some optional implementations of this embodiment, the apparatus 500 may further include: a first setting unit (not shown in the figure) configured to set corresponding identification information for the security authentication request; and a storage unit (not shown in the figure) configured to set a corresponding dynamic password identification for the generated dynamic password, to constitute an information pair by the dynamic password and the dynamic password identification, and to store the information pair and the identification information in correspondence.
In some optional implementations of this embodiment, the preset condition may include: the password is consistent with the dynamic password which is sent to the user terminal last time; and the first execution subunit may be further configured to: and determining whether the dynamic password sent by the user side is consistent with the dynamic password in the information pair corresponding to the latest stored identification information, and if so, determining that the dynamic password sent by the user side meets the preset condition.
In some optional implementations of this embodiment, the first execution subunit may be further configured to: and sending the generated dynamic password to the user side through the short message channel.
In some optional implementations of this embodiment, the apparatus 500 may further include: and a first sending unit (not shown in the figure) configured to send the address of the dynamic password authentication page to the user terminal, so that the user terminal jumps to the dynamic password authentication page based on the address, and the user sends the dynamic password through the dynamic password authentication page.
In some optional implementations of this embodiment, the processing unit 503 may further include: a generating subunit (not shown in the figure) configured to generate a security authentication result indicating that the user has failed the security authentication if the information verification result indicates that the user has failed the information verification.
In some optional implementations of this embodiment, the processing unit 503 may further include: a sending subunit (not shown in the figure), configured to send the information verification result to the wind control end if the information verification result is used to indicate that the user passes the information verification, so that the wind control end further determines whether the user passes the security verification based on the category identifier; and receiving a safety verification result returned by the wind control end.
In some optional implementations of this embodiment, the apparatus 500 may further include: and a first receiving unit (not shown in the figure) configured to receive a security verification result returned by the wind control terminal after determining not to perform information verification on the user and determining whether the user passes the security verification based on the class identification.
In some optional implementations of this embodiment, the apparatus 500 may further include: and a second sending unit (not shown in the figure) configured to return the security authentication result to the sender.
The device provided by the above embodiment of the application receives the security verification request including the category identifier and the user identifier, and then forwards the security verification request to the connected wind control terminal, so that the wind control terminal determines whether to perform information verification on the user indicated by the user identifier based on the category identifier. And then responding to the received prompt information which is returned by the wind control end and used for indicating information verification, performing information verification on the user, and generating an information verification result so as to obtain a safety verification result based on the information verification result. The method and the system realize the safety verification of the user, and avoid the interaction between a sender of a safety verification request and a wind control terminal, thereby ensuring that the responsibility of the sender becomes single.
Referring now to FIG. 6, a block diagram of a computer system 600 suitable for use in implementing an electronic device (e.g., the management terminal 103 shown in FIG. 1) of an embodiment of the present application is shown. The electronic device shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in fig. 6, the computer system 600 includes a Central Processing Unit (CPU)601 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)602 or a program loaded from a storage section 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data necessary for the operation of the system 600 are also stored. The CPU 601, ROM 602, and RAM 603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
The following components are connected to the I/O interface 605: an input portion 606 including a keyboard, a mouse, and the like; an output portion 607 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 608 including a hard disk and the like; and a communication section 609 including a network interface card such as a LAN card, a modem, or the like. The communication section 609 performs communication processing via a network such as the internet. The driver 610 is also connected to the I/O interface 605 as needed. A removable medium 611 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 610 as necessary, so that a computer program read out therefrom is mounted in the storage section 608 as necessary.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 609, and/or installed from the removable medium 611. The above-described functions defined in the system of the present application are executed when the computer program is executed by the Central Processing Unit (CPU) 601.
It should be noted that the computer readable medium shown in the present application may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present application may be implemented by software or hardware. The described units may also be provided in a processor, and may be described as: a processor includes a receiving unit, a forwarding unit, and a processing unit. Where the names of these units do not in some cases constitute a limitation on the unit itself, for example, a receiving unit may also be described as a "unit that receives a security authentication request".
As another aspect, the present application also provides a computer-readable medium, which may be contained in the electronic device described in the above embodiments; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs which, when executed by an electronic device, cause the electronic device to: receiving a security verification request, wherein the security verification request can comprise a user identifier and a category identifier of a sender of the security verification request; forwarding the security verification request to a connected wind control end so that the wind control end determines whether to perform information verification on the user indicated by the user identifier based on the class identifier; and responding to the received prompt information which is returned by the wind control end and used for indicating information verification, performing information verification on the user based on the prompt information, generating an information verification result, and obtaining a safety verification result based on the information verification result.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the invention. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.
Claims (20)
1. A security authentication method, comprising:
receiving a security verification request, wherein the security verification request comprises a user identifier and a category identifier of a sender of the security verification request;
forwarding the security verification request to a connected wind control terminal through a network, so that the wind control terminal determines whether to perform information verification on the user indicated by the user identifier based on the class identifier;
responding to received prompt information which is returned by the wind control end and used for indicating information verification, performing information verification on the user based on the prompt information, generating an information verification result, and obtaining a safety verification result based on the information verification result;
the obtaining of the security verification result based on the information verification result further comprises: if the information verification result is used for indicating that the user passes the information verification, the information verification result is sent to the wind control end, so that the wind control end further determines whether the user passes the safety verification based on the category identification; receiving a safety verification result returned by the wind control end;
after the forwarding the security verification request to the connected wind control terminal, the method further comprises: and receiving a safety verification result returned by the wind control end after determining not to perform information verification on the user and determining whether the user passes the safety verification based on the category identification.
2. The method of claim 1, wherein the information check includes dynamic password authentication, and the prompt information is information for instructing dynamic password authentication; and
the information verification of the user based on the prompt information includes:
the following verification operations are performed: generating a dynamic password, and sending the generated dynamic password to a user side of the user; receiving a dynamic password sent by the user side; determining whether a dynamic password sent by the user side meets a preset condition, and if so, determining that the user passes dynamic password authentication;
if the dynamic password sent by the user side does not meet the preset condition, performing incremental operation on the verification failure times of the dynamic password, determining whether the verification failure times of the current dynamic password is smaller than a preset value, and if so, continuing to execute the verification operation.
3. The method of claim 2, wherein the information verifying the user based on the prompting information further comprises:
and determining that the user fails the dynamic password authentication in response to determining that the dynamic password sent by the user side does not meet the preset condition or that the current dynamic password authentication failure times are not less than the preset value.
4. The method of claim 2, wherein after the responding receives prompt information returned by the wind control terminal for indicating information verification, the method further comprises:
setting corresponding identification information for the security verification request; and
after the sending the generated dynamic password to the user side of the user, the method further comprises:
setting a corresponding dynamic password identification for the generated dynamic password, forming an information pair by the dynamic password and the dynamic password identification, and correspondingly storing the information pair and the identification information.
5. The method of claim 4, wherein the preset conditions include: the password is consistent with the dynamic password which is sent to the user terminal last time; and
the determining whether the dynamic password sent by the user side meets a preset condition includes:
and determining whether the dynamic password sent by the user side is consistent with the dynamic password in the information pair corresponding to the identification information which is stored latest, and if so, determining that the dynamic password sent by the user side meets the preset condition.
6. The method of claim 2, wherein the sending the generated dynamic password to the user side of the user comprises:
and sending the generated dynamic password to the user side through a short message channel.
7. The method of claim 2, wherein prior to first performing the authentication operation, the method further comprises:
and sending the address of the dynamic password verification page to the user side so that the user side jumps to the dynamic password verification page based on the address, and the user can send the dynamic password through the dynamic password verification page.
8. The method of claim 1, wherein the obtaining a security verification result based on the information verification result comprises:
and if the information verification result is used for indicating that the user does not pass the information verification, generating a security verification result for indicating that the user does not pass the security verification.
9. The method according to one of claims 1 to 8, wherein the method further comprises:
and returning the security verification result to the sender.
10. A security verification apparatus comprising:
a receiving unit configured to receive a security authentication request, wherein the security authentication request includes a user identifier and a category identifier of a sender of the security authentication request;
a forwarding unit configured to forward the security verification request to a connected wind control terminal through a network, so that the wind control terminal determines whether to perform information verification on the user indicated by the user identifier based on the class identifier;
the processing unit is configured to respond to the received prompt information which is returned by the wind control end and used for indicating information verification, perform information verification on the user based on the prompt information, generate an information verification result, and obtain a safety verification result based on the information verification result;
the processing unit further comprises: a sending subunit, configured to send the information verification result to the wind control end if the information verification result is used to indicate that the user passes the information verification, so that the wind control end further determines whether the user passes the security verification based on the category identifier; receiving a safety verification result returned by the wind control end;
the device further comprises: the first receiving unit is configured to receive a security verification result returned by the wind control terminal after determining not to perform information verification on the user and determining whether the user passes security verification based on the class identification.
11. The apparatus of claim 10, wherein the information check includes dynamic password authentication, and the hint information is information for instructing dynamic password authentication to be performed; and
the processing unit includes:
a first execution subunit configured to perform the following validation operations: generating a dynamic password, and sending the generated dynamic password to a user side of the user; receiving a dynamic password sent by the user side; determining whether a dynamic password sent by the user side meets a preset condition, and if so, determining that the user passes dynamic password authentication;
and the second execution subunit is configured to, if the dynamic password sent by the user side does not meet the preset condition, perform an incremental operation on the verification failure times of the dynamic password, determine whether the current verification failure times of the dynamic password is smaller than a preset value, and if so, continue to execute the verification operation.
12. The apparatus of claim 11, wherein the processing unit further comprises:
a determining subunit configured to determine that the user fails the dynamic password authentication in response to determining that the dynamic password sent by the user side does not satisfy the preset condition or that the current number of times of failure of the dynamic password authentication is not less than the preset value.
13. The apparatus of claim 11, wherein the apparatus further comprises:
a first setting unit configured to set corresponding identification information for the security authentication request; and
and the storage unit is configured to set a corresponding dynamic password identifier for the generated dynamic password, form the dynamic password and the dynamic password identifier into an information pair, and correspondingly store the information pair and the identification information.
14. The apparatus of claim 13, wherein the preset condition comprises: the password is consistent with the dynamic password which is sent to the user terminal last time; and
the first execution subunit is further configured to:
and determining whether the dynamic password sent by the user side is consistent with the dynamic password in the information pair corresponding to the identification information which is stored latest, and if so, determining that the dynamic password sent by the user side meets the preset condition.
15. The apparatus of claim 11, wherein the first execution subunit is further configured to:
and sending the generated dynamic password to the user side through a short message channel.
16. The apparatus of claim 11, wherein the apparatus further comprises:
a first sending unit configured to send an address of a dynamic password authentication page to the user side, so that the user side jumps to the dynamic password authentication page based on the address, for the user to send a dynamic password through the dynamic password authentication page.
17. The apparatus of claim 10, wherein the processing unit further comprises:
a generating subunit configured to generate a security verification result for indicating that the user fails security verification if the information verification result is used to indicate that the user fails information verification.
18. The apparatus according to one of claims 10-17, wherein the apparatus further comprises:
a second sending unit configured to return a security authentication result to the sender.
19. An electronic device, comprising:
one or more processors;
a storage device having one or more programs stored thereon,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-9.
20. A computer-readable medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the method of any one of claims 1-9.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810593528.2A CN108449186B (en) | 2018-06-11 | 2018-06-11 | Security verification method and device |
| PCT/CN2019/089487 WO2019237950A1 (en) | 2018-06-11 | 2019-05-31 | Security verification method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810593528.2A CN108449186B (en) | 2018-06-11 | 2018-06-11 | Security verification method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108449186A CN108449186A (en) | 2018-08-24 |
| CN108449186B true CN108449186B (en) | 2020-06-05 |
Family
ID=63206945
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810593528.2A Active CN108449186B (en) | 2018-06-11 | 2018-06-11 | Security verification method and device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN108449186B (en) |
| WO (1) | WO2019237950A1 (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108449186B (en) * | 2018-06-11 | 2020-06-05 | 京东数字科技控股有限公司 | Security verification method and device |
| CN110189452B (en) * | 2019-06-06 | 2022-07-12 | 广州小鹏汽车科技有限公司 | Vehicle key access processing method, device and system and vehicle |
| CN111400690B (en) * | 2020-03-25 | 2022-03-29 | 支付宝(杭州)信息技术有限公司 | Biological verification method and device |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105933266A (en) * | 2015-08-20 | 2016-09-07 | ***股份有限公司 | Verification method and server |
| CN107395647A (en) * | 2017-09-05 | 2017-11-24 | 北京京东尚科信息技术有限公司 | Checking system, method and apparatus |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8485442B2 (en) * | 2009-07-02 | 2013-07-16 | Biometric Payment Solutions | Electronic transaction verification system with biometric authentication |
| CN102147900A (en) * | 2011-03-14 | 2011-08-10 | 珠海飞讯科技有限公司 | System and method for realizing payment |
| EP3213243B1 (en) * | 2014-10-31 | 2020-09-09 | Proofpoint, Inc. | Systems and methods for privately performing application security analysis |
| CN111614642B (en) * | 2016-01-22 | 2022-06-10 | 创新先进技术有限公司 | Method, device and system for registration authentication |
| CN107341384A (en) * | 2016-04-28 | 2017-11-10 | 苏宁云商集团股份有限公司 | A kind of service verification method and system |
| CN107018119B (en) * | 2016-08-30 | 2020-11-24 | 创新先进技术有限公司 | Identity verification system, method and platform |
| CN106845995B (en) * | 2017-01-19 | 2018-05-04 | 飞天诚信科技股份有限公司 | A kind of Bluetooth intelligent card and its method for controlling transaction risk |
| CN108449186B (en) * | 2018-06-11 | 2020-06-05 | 京东数字科技控股有限公司 | Security verification method and device |
-
2018
- 2018-06-11 CN CN201810593528.2A patent/CN108449186B/en active Active
-
2019
- 2019-05-31 WO PCT/CN2019/089487 patent/WO2019237950A1/en active Application Filing
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105933266A (en) * | 2015-08-20 | 2016-09-07 | ***股份有限公司 | Verification method and server |
| CN107395647A (en) * | 2017-09-05 | 2017-11-24 | 北京京东尚科信息技术有限公司 | Checking system, method and apparatus |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2019237950A1 (en) | 2019-12-19 |
| CN108449186A (en) | 2018-08-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112019493B (en) | Identity authentication method, identity authentication device, computer equipment and medium | |
| CN108551437B (en) | Method and apparatus for authenticating information | |
| CN111160845B (en) | Service processing method and device | |
| CN110958237A (en) | Authority verification method and device | |
| CN108449186B (en) | Security verification method and device | |
| CN107465693B (en) | Request message processing method and device | |
| CN104954330A (en) | Method of accessing data resources, device and system | |
| CN110401630B (en) | Transaction certificate verification method, device, electronic equipment and medium | |
| CN107203576B (en) | Information synchronization method and device | |
| CN112583834B (en) | Method and device for single sign-on through gateway | |
| CN109150898B (en) | Method and apparatus for processing information | |
| CN114584381A (en) | Security authentication method and device based on gateway, electronic equipment and storage medium | |
| CN113572763A (en) | Data processing method and device, electronic equipment and storage medium | |
| CN114422156B (en) | Bidding file compensation authentication method and system based on block chain | |
| CN111030900A (en) | Authentication-free login method and device and electronic equipment | |
| CN108259487B (en) | information interaction method and computer readable medium | |
| CN110659897A (en) | Method, system, computing device and medium for transaction verification | |
| CN114461912A (en) | Information processing method and device, electronic equipment and storage medium | |
| CN112910643A (en) | Method and device for generating random number in block chain | |
| CN113807854B (en) | Method, apparatus, system, electronic device and medium for electronic payment | |
| CN111786936A (en) | Method and device for authentication | |
| CN114785560B (en) | Information processing method, device, equipment and medium | |
| CN111885006B (en) | Page access and authorized access method and device | |
| CN112383542B (en) | User login method and system, authentication end and user end | |
| US20230126238A1 (en) | Security for usb-based device configuration |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: Room 221, 2nd floor, Block C, 18 Kechuang 11th Street, Daxing Economic and Technological Development Zone, Beijing, 100176 Applicant after: JINGDONG DIGITAL TECHNOLOGY HOLDINGS Co.,Ltd. Address before: Room 221, 2nd floor, Block C, 18 Kechuang 11th Street, Daxing Economic and Technological Development Zone, Beijing, 100176 Applicant before: BEIJING JINGDONG FINANCIAL TECHNOLOGY HOLDING Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder |
Address after: Room 221, 2nd floor, Block C, 18 Kechuang 11th Street, Daxing Economic and Technological Development Zone, Beijing, 100176 Patentee after: Jingdong Technology Holding Co.,Ltd. Address before: Room 221, 2nd floor, Block C, 18 Kechuang 11th Street, Daxing Economic and Technological Development Zone, Beijing, 100176 Patentee before: Jingdong Digital Technology Holding Co.,Ltd. Address after: Room 221, 2nd floor, Block C, 18 Kechuang 11th Street, Daxing Economic and Technological Development Zone, Beijing, 100176 Patentee after: Jingdong Digital Technology Holding Co.,Ltd. Address before: Room 221, 2nd floor, Block C, 18 Kechuang 11th Street, Daxing Economic and Technological Development Zone, Beijing, 100176 Patentee before: JINGDONG DIGITAL TECHNOLOGY HOLDINGS Co.,Ltd. |
|
| CP01 | Change in the name or title of a patent holder |